Lucene search
+L

160 matches found

cvelist
cvelist
added 13 hours ago15 views

CVE-2026-15306 Product Feed Manager For WooCommerce <= 7.6.1 - Reflected Cross-Site Scripting via 's' Search Parameter

The Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via 's' Search Parameter in all versions up to, and including, 7.6.1 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS
Exploits0References6
euvd
euvd
added 13 hours ago4 views

EUVD-2026-44863

The Product Feed Manager For WooCommerce – Sell on 200+ Online Marketplaces plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via 's' Search Parameter in all versions up to, and including, 7.6.1 due to insufficient input sanitization and output escaping. This makes it possible...

6.1CVSS6.2AI score
Exploits0References6
redhatcve
redhatcve
added 2026/06/05 7:21 p.m.11 views

CVE-2026-3499

The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6 through 13.5.2.1. This is due to missing or incorrect nonce validation on the ajaxmigratetocustomposttype,...

8.8CVSS5.4AI score0.00165EPSS
Exploits0References1
nvd
nvd
added 2026/04/08 2:16 a.m.4 views

CVE-2026-3499

The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6 through 13.5.2.1. This is due to missing or incorrect nonce validation on the ajaxmigratetocustomposttype,...

8.8CVSS0.00165EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/08 1:24 a.m.19 views

CVE-2026-3499 Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce 13.4.6 - 13.5.2.1 - Cross-Site Request Forgery to Multiple Administrative Actions

The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6 through 13.5.2.1. This is due to missing or incorrect nonce validation on the ajaxmigratetocustomposttype,...

8.8CVSS0.00165EPSS
Exploits0References2
cve
cve
added 2026/04/08 1:24 a.m.12 views

CVE-2026-3499

Product Feed PRO for WooCommerce (AdTribes) for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6–13.5.2.1 due to missing/incorrect nonce validation on AJAX endpoints: ajax_migrate_to_custom_post_type, ajax_adt_clear_custom_attributes_product_meta_keys, ajax_update_file_url...

8.8CVSS5.8AI score0.00165EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/04/08 12:0 a.m.9 views

WordPress plugin Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

8.8CVSS5.8AI score0.00165EPSS
Exploits0References2
patchstack
patchstack
added 2026/04/07 10:51 p.m.11 views

WordPress Product Feed PRO for WooCommerce plugin 13.4.6-13.5.2.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by luckybuddy in WordPress Plugin Product Feed PRO for WooCommerce versions 13.4.6-13.5.2.1...

8.8CVSS5.9AI score0.00165EPSS
Exploits0Affected Software1
redhatcve
redhatcve
added 2026/03/26 5:1 p.m.9 views

CVE-2026-22480

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

7.2CVSS5.8AI score0.00503EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/03/26 3:17 p.m.5 views

CVE-2026-32443

Cross-Site Request Forgery CSRF vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through = 13.5.2...

6.5CVSS5.8AI score0.00112EPSS
Exploits0References1
euvd
euvd
added 2026/03/25 6:31 p.m.5 views

EUVD-2026-15487

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

5.8AI score0.00503EPSS
Exploits0References2
nvd
nvd
added 2026/03/25 5:16 p.m.3 views

CVE-2026-22480

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

7.2CVSS0.00503EPSS
Exploits0References1
cve
cve
added 2026/03/25 4:14 p.m.10 views

CVE-2026-22480

CVE-2026-22480 concerns WebToffee Product Feed for WooCommerce. The vulnerability is a Deserialization of Untrusted Data issue that enables PHP Object Injection in WebToffee WooCommerce Product Feeds (plugin) versions through 2.3.3. The CVE entry is supported by multiple connected sources (NVD/Re...

7.2CVSS5.8AI score0.00503EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/25 4:14 p.m.26 views

CVE-2026-22480 WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

7.2CVSS0.00503EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-22480 WordPress Product Feed for WooCommerce plugin <= 2.3.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in WebToffee Product Feed for WooCommerce webtoffee-product-feed allows Object Injection.This issue affects Product Feed for WooCommerce: from n/a through = 2.3.3...

7.2CVSS5.8AI score0.00503EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/25 12:0 a.m.8 views

WordPress plugin Product Feed for WooCommerce 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS5.9AI score0.00503EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/03/25 12:0 a.m.8 views

PT-2026-27812

Name of the Vulnerable Software and Affected Versions WebToffee Product Feed for WooCommerce versions through 2.3.3 Description The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This impacts Product Feed for WooCommerce. Recommendations Upda...

7.2CVSS5.9AI score0.00503EPSS
Exploits0References3
euvd
euvd
added 2026/03/13 9:31 p.m.4 views

EUVD-2026-11987

Cross-Site Request Forgery CSRF vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through = 13.5.2...

6.5CVSS5.8AI score0.00112EPSS
Exploits0References2
nvd
nvd
added 2026/03/13 7:55 p.m.7 views

CVE-2026-32443

Cross-Site Request Forgery CSRF vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through = 13.5.2...

6.5CVSS0.00112EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/13 11:42 a.m.30 views

CVE-2026-32443 WordPress Product Feed PRO for WooCommerce plugin <= 13.5.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Josh Kohlbach Product Feed PRO for WooCommerce woo-product-feed-pro allows Cross Site Request Forgery.This issue affects Product Feed PRO for WooCommerce: from n/a through = 13.5.2...

6.5CVSS0.00112EPSS
Exploits0References1
Rows per page
Query Builder